def __init__(self, token=TOKEN, remote=REMOTE_ADDR, client='stdout', username=None, feed=None, archiver=None, fireball=False, no_fetch=False, verify_ssl=True, goback=False, skip_invalid=False, send_retries=5, send_retries_wait=30): self.logger = logging.getLogger(__name__) self.client = None if client != 'stdout': plugin_path = os.path.join(os.path.dirname(__file__), 'client') if getattr(sys, 'frozen', False): plugin_path = os.path.join(sys._MEIPASS, 'csirtg_smrt', 'client') self.client = load_plugin(plugin_path, client) if not self.client: raise RuntimeError("Unable to load plugin: {}".format(client)) self.client = self.client(remote=remote, token=token, username=username, feed=feed, fireball=fireball, verify_ssl=verify_ssl) self.archiver = archiver or NOOPArchiver() self.fireball = fireball self.no_fetch = no_fetch self.goback = goback self.skip_invalid = skip_invalid self.verify_ssl = verify_sslĂ self.last_cache = None self.send_retries = send_retries self.send_retries_wait = send_retries_wait
def _run_smrt(options, **kwargs): args = kwargs.get('args') goback = kwargs.get('goback') verify_ssl = kwargs.get('verify_ssl') data = kwargs.get('data') service_mode = kwargs.get("service_mode") archiver = None if args.remember: archiver = Archiver(dbfile=args.remember_path) else: archiver = NOOPArchiver() logger.info('starting run...') with Smrt(options.get('token'), options.get('remote'), client=args.client, username=args.user, feed=args.feed, archiver=archiver, fireball=args.fireball, no_fetch=args.no_fetch, verify_ssl=verify_ssl, goback=goback, skip_invalid=args.skip_invalid, send_retries=args.send_retries, send_retries_wait=args.send_retries_wait) as s: if s.client: s.client.ping(write=True) filters = {} if args.filter_indicator: filters['indicator'] = args.filter_indicator indicators = [] for r, f in s.load_feeds(args.rule, feed=args.feed): logger.info('processing: {} - {}:{}'.format(args.rule, r.defaults['provider'], f)) try: for i in s.process(r, f, limit=args.limit, data=data, filters=filters): if args.client == 'stdout': indicators.append(i) except Exception as e: if not service_mode and not args.skip_broken: logger.error('may need to remove the old cache file: %s' % s.last_cache) import traceback logger.error(traceback.print_exc()) raise e logger.error(e) logger.info('skipping: {}'.format(args.feed)) if args.client == 'stdout': print(FORMATS[options.get('format')](data=indicators, cols=args.fields.split(','))) logger.info('cleaning up') archiver.cleanup() archiver.clear_memcache() logger.info('finished run')